<html>
<head><meta charset="utf-8"><title>Extend file metadata on windows · t-libs · Zulip Chat Archive</title></head>
<h2>Stream: <a href="https://rust-lang.github.io/zulip_archive/stream/219381-t-libs/index.html">t-libs</a></h2>
<h3>Topic: <a href="https://rust-lang.github.io/zulip_archive/stream/219381-t-libs/topic/Extend.20file.20metadata.20on.20windows.html">Extend file metadata on windows</a></h3>

<hr>

<base href="https://rust-lang.zulipchat.com">

<head><link href="https://rust-lang.github.io/zulip_archive/style.css" rel="stylesheet"></head>

<a name="209050922"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/219381-t-libs/topic/Extend%20file%20metadata%20on%20windows/near/209050922" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> CraftSpider <a href="https://rust-lang.github.io/zulip_archive/stream/219381-t-libs/topic/Extend.20file.20metadata.20on.20windows.html#209050922">(Sep 04 2020 at 03:04)</a>:</h4>
<p>A recent feature request, <a href="https://github.com/rust-lang/rust/issues/76294">https://github.com/rust-lang/rust/issues/76294</a>, mentions the idea of extending MetadataExt on windows with the ability to get the file owner. Looking a bit into this, while windows does have file ownership, that's not part of the same Metadata struct as backs it currently. A different function call is needed to get the desired info. Might it be worth it to extend the metadata, requiring another function call to create it, or is there a way to add lazy loading of the info?</p>



<a name="209051401"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/219381-t-libs/topic/Extend%20file%20metadata%20on%20windows/near/209051401" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Chris Denton <a href="https://rust-lang.github.io/zulip_archive/stream/219381-t-libs/topic/Extend.20file.20metadata.20on.20windows.html#209051401">(Sep 04 2020 at 03:19)</a>:</h4>
<p>As far as I understand it, <code>MetadataExt</code> currently only exposes already collected metadata? In which case adding new system calls would be a significant change.</p>
<p>To be honest though, this seems like a niche feature. Owner does not really have the same significance as it does in unix. All it means is that the user is allowed to edit the ACL for that file even if they'd otherwise be denied. As far as I'm aware, Rust's std doesn't expose any other permission APIs so this information is not very useful on its own.</p>



<a name="209052480"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/219381-t-libs/topic/Extend%20file%20metadata%20on%20windows/near/209052480" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Chris Denton <a href="https://rust-lang.github.io/zulip_archive/stream/219381-t-libs/topic/Extend.20file.20metadata.20on.20windows.html#209052480">(Sep 04 2020 at 03:47)</a>:</h4>
<p>Hmm... perhaps a Windows version of <code>PermissionExt</code> could expose security and permission related information?</p>



<a name="209053068"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/219381-t-libs/topic/Extend%20file%20metadata%20on%20windows/near/209053068" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> CraftSpider <a href="https://rust-lang.github.io/zulip_archive/stream/219381-t-libs/topic/Extend.20file.20metadata.20on.20windows.html#209053068">(Sep 04 2020 at 04:04)</a>:</h4>
<p>Hm. Personally, I like the placement in an abstract sense, though it would still involve adding the call to get them somewhere. Probably in the creation of FileAttr, to match the way things seem to currently be laid out. Supposing that was done, would it also make sense to update set_permissions?</p>



<a name="209054143"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/219381-t-libs/topic/Extend%20file%20metadata%20on%20windows/near/209054143" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Chris Denton <a href="https://rust-lang.github.io/zulip_archive/stream/219381-t-libs/topic/Extend.20file.20metadata.20on.20windows.html#209054143">(Sep 04 2020 at 04:32)</a>:</h4>
<p>Perhaps. I think it'd be worth someone scoping out what exactly is needed for basic support for Windows permissions. Rust's current Permissions API is a bit weird on Windows because it toggles an attribute and doesn't touch the actual permissions. I get why but it means adding in support for actual permissions is a bit more awkward than it otherwise would be.</p>



<a name="209055187"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/219381-t-libs/topic/Extend%20file%20metadata%20on%20windows/near/209055187" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> CraftSpider <a href="https://rust-lang.github.io/zulip_archive/stream/219381-t-libs/topic/Extend.20file.20metadata.20on.20windows.html#209055187">(Sep 04 2020 at 05:01)</a>:</h4>
<p>If I can find the time tomorrow or over the weekend, I may try to scope it out. I think I actually remember one criticism of Rust's file system being 'Easy and generic for any OS, as long as it's Unix', where that was specifically brought up. It would be nice to make Windows permissions better.</p>



<a name="209083577"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/219381-t-libs/topic/Extend%20file%20metadata%20on%20windows/near/209083577" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> BurntSushi <a href="https://rust-lang.github.io/zulip_archive/stream/219381-t-libs/topic/Extend.20file.20metadata.20on.20windows.html#209083577">(Sep 04 2020 at 11:46)</a>:</h4>
<p>i just want to respond to this in particular:</p>
<blockquote>
<p>Might it be worth it to extend the metadata, requiring another function call to create it</p>
</blockquote>
<p>it's important to know that routines correspond to a single stat call, because depending on what you're doing, a stat call can be quite expensive, particularly on Windows. one also needs to be careful with acquiring metadata for directory entries. for example, we already have a public guarantee that calling <code>metadata</code> on <code>DirEntry</code> executes no syscalls, and running another stat call automatically for every dir entry on Windows to acquire niche information like this would be a serious performance regression without benefit in almost all cases. (see: <a href="https://doc.rust-lang.org/stable/std/fs/struct.DirEntry.html#method.metadata">https://doc.rust-lang.org/stable/std/fs/struct.DirEntry.html#method.metadata</a> )</p>



<a name="209142097"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/219381-t-libs/topic/Extend%20file%20metadata%20on%20windows/near/209142097" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> CraftSpider <a href="https://rust-lang.github.io/zulip_archive/stream/219381-t-libs/topic/Extend.20file.20metadata.20on.20windows.html#209142097">(Sep 04 2020 at 21:18)</a>:</h4>
<p>I started on a look into how to expose windows security info through the std, and what kind of changes would need to be made. I don't have much experience, so please tell me if I left out anything important.</p>
<p>Info needed to call GetSecurityInfo:</p>
<ul>
<li>We should already have the handle</li>
<li>Object Type should always be file in this context, maybe unknown. Would love someone with more experience to chime in.</li>
<li>SecurityInfo can be determined based on which things we want to get.</li>
<li>All other arguments will be filled based on SecurityInfo</li>
</ul>
<p>Where to put it:</p>
<ul>
<li>Metadata won't work, this adds a possibly expensive syscall few will use</li>
<li>Permissions doesn't make the same guarantee. Still adds something, but less people will probably be relying on it on Windows (<code>attrs(&amp;self) -&gt; u32</code> exposes the exact same info currently on Windows). Would probably be worth profiling.<ul>
<li>Add a syscall in <code>perm(&amp;self) -&gt; FilePermissions</code>, and make a FilePermissionsExt that exposes the new info. This call might fail though, so that would be a breaking change: <code>Result&lt;FilePermissions&gt;</code>.</li>
<li>Change <code>set_permissions(&amp;self, perm: FilePermissions)</code> to also set the file permissions</li>
</ul>
</li>
<li>The least impact on existing API would be to make a <code>DirEntryExt</code> and add to <code>FileExt</code> for windows, which provides a new interface for security get/set<ul>
<li>Make a new <code>get_security(&amp;self) -&gt; Result&lt;Security&gt;</code> or <code>get_security(&amp;self, flags: _) -&gt; Result&lt;Security&gt;</code> which gets the security info</li>
<li>Make a new <code>set_security(&amp;self, sec: Security) -&gt; Result&lt;()&gt;</code> which sets the security info</li>
</ul>
</li>
</ul>



<a name="209142178"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/219381-t-libs/topic/Extend%20file%20metadata%20on%20windows/near/209142178" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> CraftSpider <a href="https://rust-lang.github.io/zulip_archive/stream/219381-t-libs/topic/Extend.20file.20metadata.20on.20windows.html#209142178">(Sep 04 2020 at 21:19)</a>:</h4>
<p>Personally, I would be for making the breaking change to put it in FilePermissions. It's both a logical place, and I think that 'permissions' as a generic cross-platform concept, should be allowed to fail. However, I believe this would mean it's a change that requires an RFC</p>



<a name="209142450"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/219381-t-libs/topic/Extend%20file%20metadata%20on%20windows/near/209142450" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> CraftSpider <a href="https://rust-lang.github.io/zulip_archive/stream/219381-t-libs/topic/Extend.20file.20metadata.20on.20windows.html#209142450">(Sep 04 2020 at 21:22)</a>:</h4>
<p>Actually, thinking about it, that would mean <code>FileAttr</code> would need to preserve the handle. So it may be impractical, and making it part of <code>File</code> or <code>DirEntry</code> is the only reasonable option.</p>



<a name="209148966"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/219381-t-libs/topic/Extend%20file%20metadata%20on%20windows/near/209148966" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Chris Denton <a href="https://rust-lang.github.io/zulip_archive/stream/219381-t-libs/topic/Extend.20file.20metadata.20on.20windows.html#209148966">(Sep 04 2020 at 23:10)</a>:</h4>
<p>In terms of implementation, yes <code>SE_FILE_OBJECT</code> should be used as the object type. Also only the Owner and DACL would be of interest. The Group (aka primary group) hasn't be used in decades. SACL is for auditing access but auditing files should probably be fodder for a third party crate rather than the std. As you say, getting permissions can fail. Interpreting and setting the DACL requires further system calls that can also fail.</p>
<p>For the Rust API, having a Windows only <code>Security</code> object would indeed allow the greatest freedom and avoid breaking things. I agree that Rust's current Permissions API very much assumes Unix style permissions (or something very similar) where permissions are simply part of the ordinary file metadata. This isn't ideal but people would be very reluctant to break it at this point. The standard library has very strong stability guarantees.</p>



<a name="209148975"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/219381-t-libs/topic/Extend%20file%20metadata%20on%20windows/near/209148975" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Chris Denton <a href="https://rust-lang.github.io/zulip_archive/stream/219381-t-libs/topic/Extend.20file.20metadata.20on.20windows.html#209148975">(Sep 04 2020 at 23:10)</a>:</h4>
<p>I'm beginning to wonder if it might be better to trial this in a standalone crate using its own extension traits for <code>File</code> and <code>DirEntry</code>? Then see about integrating it into std once people are happy with the API.</p>



<a name="209149422"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/219381-t-libs/topic/Extend%20file%20metadata%20on%20windows/near/209149422" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> CraftSpider <a href="https://rust-lang.github.io/zulip_archive/stream/219381-t-libs/topic/Extend.20file.20metadata.20on.20windows.html#209149422">(Sep 04 2020 at 23:19)</a>:</h4>
<p>That makes sense. I could probably build the basic interface pretty fast, then put it up for trial and review. Would there be a good format for naming such a crate? <code>windows-security-ext</code> is a bit long, but my first thought for a name that encapsulates the functionality</p>



<a name="209150018"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/219381-t-libs/topic/Extend%20file%20metadata%20on%20windows/near/209150018" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> Chris Denton <a href="https://rust-lang.github.io/zulip_archive/stream/219381-t-libs/topic/Extend.20file.20metadata.20on.20windows.html#209150018">(Sep 04 2020 at 23:31)</a>:</h4>
<p>Naming isn't my forte but that sounds reasonable to me. I don't think it needs to be anything more fancy.</p>



<a name="209157302"></a>
<h4><a href="https://rust-lang.zulipchat.com#narrow/stream/219381-t-libs/topic/Extend%20file%20metadata%20on%20windows/near/209157302" class="zl"><img src="https://rust-lang.github.io/zulip_archive/assets/img/zulip.svg" alt="view this post on Zulip" style="width:20px;height:20px;"></a> CraftSpider <a href="https://rust-lang.github.io/zulip_archive/stream/219381-t-libs/topic/Extend.20file.20metadata.20on.20windows.html#209157302">(Sep 05 2020 at 02:34)</a>:</h4>
<p>Not yet published, as I need to add tests, ensure the implementation actually works, and make some decisions on Security, but the start is here: <a href="https://github.com/CraftSpider/windows-security-ext">https://github.com/CraftSpider/windows-security-ext</a></p>



<hr><p>Last updated: Aug 07 2021 at 22:04 UTC</p>
</html>